Thankfully, the breach does not affect millions but 2,700 users who registered on JRD, Joomla Resources Directory. The incident happened last week when a member of JRD left a full unencrypted backup of JRD on AWS S3 server. The company said that it was possible for a third-party to find and download the backup. It is not sure if any third-party had found it or not. In any case, Joomla team highly recommends all affected users to change their passwords on other websites (if they used the same password on multiple sites). Talking about passwords, the backup includes the following users’ details in the backup –
Full nameBusiness addressBusiness email addressBusiness phone numberCompany URLNature of businessEncrypted password (hashed)IP addressNewsletter subscription preferences
Most of the users’ information involved in the breach is already public except the IP address and hashed passwords. If anyone found the backup and successfully unhashed the passwords, he can use those passwords on other websites like Gmail, Microsoft, Facebook, etc. to access them. If you are affected by the breach, used the same passwords on Gmail, Facebook, etc. as on JRD platform, change your passwords immediately. Leaving a full unencrypted backup of the entire platform is not a small mistake. The company realized it and did a full audit of the platform and implemented multiple improvements. You can check the Audit report.